tech-security archive


Re: Patch: rework kernel random number subsystem



Thor Lancelot Simon wrote:

>          *When these generators are rekeyed, the 'rngtest' test is run
>          on their output and the kernel will panic if it fails.*  It
>          is not the long-term intent to panic on a rngtest failure,
>          but rather to rekey; but this is a good way to detect bugs in
>          the implementation (see below).

Can this panic behaviour be sysctl'able or #ifdef'd, and default to not
doing that?  It seems like a very large sledgehammer to use.  I suspect
there'll be a large class of users who wouldn't expect a panic simply
because they asked for a random number and it found a bug in your
implementation.

Cheers,
Simon.

